Cloud Service Providers (CSP) allow the users to store their data in the cloud storage servers. However, outsourcing the confidential data increases the security vulnerabilities as the data owner loses the physical on-premise control over the data. In order to verify the integrity of the outsourced data, auditing has to be performed frequently. Existing public auditing schemes completely depend on the third party auditor (TPA) to verify the integrity. If the trustworthiness of the TPA is compromised, then the TPA might send the fraudulent integrity result to the data owners. Existing schemes does not possess cross verification procedures to overcome the trust issues associated with the TPA. In addition, most of the existing public auditing schemes use RSA and BLS signatures to verify the authenticity of the data owner. Due to large key size, the computation time to perform auditing remains high. To overcome these issues, an LDuAP (lightweight dual auditing protocol) based on the Cramer-Shoup cryptosystem has been proposed. It combines both public and private auditing schemes to improve the authenticity of the integrity results. Initially, a lightweight public auditing is performed for all the data blocks stored in the cloud. Later, to cross-verify the integrity results generated by the TPA, private auditing is performed. The proposed scheme reduces the size of the signature by 50% and subsequently reduces the overhead of the entire auditing scheme. The extensive implementation assessments and security analysis exhibit the legitimacy and efficiency of the proposed scheme.
This is a preview of subscription content, access via your institution.
Buy single article
Instant access to the full article PDF.
Tax calculation will be finalised during checkout.
Subscribe to journal
Immediate online access to all issues from 2019. Subscription will auto renew annually.
Tax calculation will be finalised during checkout.
Aditya T, Baruah PK, Mukkamla R (2011) Space efficient bloom filters for enforcing integrity of outsourced data in cloud environments. In: Proc. IEEE 4th Int. Conf. Cloud Comp., pp 292–299. https://doi.org/10.1109/cloud.2011.40
Ateniese G, Burns R, Curtmola R, Herring J, Kissner L, Peter Z, Song D (2007) Provable data possession at untrusted stores. In: Proc. 14th ACM Conf. Comp. Comm. Sec., pp 598–610. https://doi.org/10.1145/1047915.1047917
Ateniese G, Kamara S, Katz J (2009) Proofs of storage from homomorphic identification protocols. In: Proc. Int. Conf. Theory App. Cryp. Inf. Sec. Adv. Cryp., pp319–333. https://doi.org/10.1007/978-3-642-10366-7_19
Ateniese G, Burns R, Reza C, Joseph H, Khan O, Kissner L, Peterson Z, Song D (2011) Remote data checking using provable data possession. ACM Trans Inf Syst Secur 14(1):1–34. https://doi.org/10.1145/1952982.1952994
Bowers KD, Juels A, Oprea A (2009) HAIL: a high-availability and integrity layer for cloud storage. In: Proc. 16th ACM Conf. Comp. Comm. Sec, pp 188–198. https://doi.org/10.1145/1653662.1653686
He D, Kumar N, Wang H, Wang L, Choo KK (2017) Privacy-preserving certificateless provable data possession scheme for big data storage on cloud. Appl Math Comput 314:31–43. https://doi.org/10.1016/j.amc.2017.07.008
Jiang M, Zhao C, Xiang G (2013) A modified algorithm based on the bloom filter. In: Proc. Int. Con. Image Sig. Proc., pp 1087–1091. https://doi.org/10.1109/CISP.2013.6745220
Jiang M, Zhao C, Mo Z, Jing W (2018) An improved algorithm based on Bloom filter and its application in bar code recognition and processing. J Image Video Proc 139:1–12. https://doi.org/10.1186/s13640-018-0375-6
Kang B, Jiaqiang W, Dongyang S (2017) Attack on privacy-preserving public auditing schemes for cloud storage. Math Probl Eng. https://doi.org/10.1155/2017/8062182
Khan Z, Anwar B, Bordbar E, Ritter RH (2018) A protocol for preventing insider attacks in untrusted infrastructure-as-a-service clouds. IEEE Trans Cloud Comput 6(4):942–954. https://doi.org/10.1109/TCC.2016.2560161
Li L, Yang Y, Wu Z (2017) FMR-PDP: Flexible multiple-replica provable data possession in cloud storage. In: IEEE Symposium on Computers and Communications (ISCC), pp 1115–1121. https://doi.org/10.1109/ISCC.2017.8024675
Liu C, Ranjan R, Yang C, Zhang X, Wang L, Chen J (2015) MuR-DPA: Top-down levelled multi-replica Merkle hash tree based secure public auditing for dynamic big data storage on cloud. IEEE Trans Comput 64(9):2609–2622. https://doi.org/10.1109/TC.2014.2375190
Liu L, Vel OD, Han Q, Zhang J, Xiang J (2018) Detecting and preventing cyber insider threats: a survey. IEEE Commun Surv Tutor 20(2):1397–1417. https://doi.org/10.1109/COMST.2018.2800740
Mukundan R, Madria S, Linderman M (2014) Efficient integrity verification of replicated data in cloud using homomorphic encryption. Distrib Parallel Databases 32(4):507–534. https://doi.org/10.1007/s10619-014-7151-0
Nianmin Y, Haifeng M, Yong H (2014) A method for memory integrity authentication based on bloom filter. J Algorithms Comput Technol. https://doi.org/10.1260/1748-3018.8.3.267
Shacham H, Waters B (2008) (2008) Compact proofs of retrievability. Proc Asia Crypt 5350:90–107. https://doi.org/10.1007/978-3-540-89255-7_7
Tabrizchi H, Kuchaki RM (2020) A survey on security challenges in cloud computing: issues, threats, and solutions. J Supercomput 76:9493–9532. https://doi.org/10.1007/s11227-020-03213-1
Tian H, Chen Y, Chang CC, Hong J, Huang Y, Chen Y, Liu J (2017) Dynamic-hash-table based public auditing for secure cloud storage. IEEE Trans Serv Comput 10(5):701–714. https://doi.org/10.1109/TSC.2015.2512589
Venkatesh M, Sumalatha MR, SelvaKumar C (2012) Improving public auditability, data possession in data storage security for cloud computing. In: Proc. Int. Conf. Recent Trends Inf. Tech.., pp 463–467. https://doi.org/10.1109/ICRTIT.2012.6206835
Walid KI, Khater HM, Mohamed ER (2019) Cryptographic accumulator based scheme for critical data integrity verification in cloud storage. IEEE Access 7:65635–65651. https://doi.org/10.1109/access.2019.2917628
Wang H (2013) Proxy provable data possession in public clouds. IEEE Trans Serv Comput 6(4):551–559. https://doi.org/10.1109/TSC.2012.35
Wang H (2015) Identity-based distributed provable data possession in multi-cloud storage. IEEE Trans Serv Comput 8(2):328–340. https://doi.org/10.1109/TSC.2014.1
Wang Q, Wang C, Ren K, Lou W, Li J (2011) Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans Parallel Distrib Syst 22(5):847–859. https://doi.org/10.1109/TPDS.2010.183
Wang XA, Liu Y, Zhang J, Yang X, Zhang M (2018) Improved group-oriented proofs of cloud storage in IoT setting. Concurr Comput Pract Exp. https://doi.org/10.1002/cpe.4781
Xiang S, Wang F, Cao Q (2016) A Bloom Filter based scalable data integrity check tool for large-scale dataset. In: Int. Para. Stor. data Inten. Scal. Comp. Syst., pp 55–60. https://doi.org/10.1109/pdsw-discs.2016.014
Xiling L, Zequan Z, Lin Z, Jian M, Chaoyong C (2018) An effective integrity verification scheme of cloud data based on BLS signature. Secur Commun Netw. https://doi.org/10.1155/2018/2615249
Xu Z, Wu L, Khan MK, Choo KR, He D (2017) A secure and efficient public auditing scheme using RSA algorithm for cloud storage. J Super Comput 73(12):5285–5309. https://doi.org/10.1007/s11227-017-2085-8
Yan Y, Lei W, Gao G, Wang H, Wenyu X (2018) A dynamic integrity verification scheme of cloud storage data based on lattice and Bloom filter. J Inf Secur Appl 39:10–18. https://doi.org/10.1016/j.jisa.2018.01.004
Yu Y, Xue L, Au MH, Susilo W, Ni J, Zhang Y, Vasilakos AV, Shen J (2016) Cloud data integrity checking with an identity-based auditing mechanism from RSA. Future Gener Comput Syst 62:85–91. https://doi.org/10.1016/j.future.2016.02.003
Yuhan L, Fu A, Yu Y, Zhang G (2017) IPOR: An efficient IDA-based proof of retrievability scheme for cloud storage systems. IEEE Int. Conf. Comm., pp. 1–6. https://doi.org/10.1109/ICC.2017.7997106
Zhang S, Hang Z, Yahui YW (2017) A joint Bloom filter and cross-encoding for data verification and recovery in cloud. IEEE Sym. Comp. Comm., pp 614–619. https://doi.org/10.1109/iscc.2017.8024596
Zhang J, Wang B, He D, Wang XA (2019) Improved secure fuzzy auditing protocol for cloud data storage. Soft Comput 23:3411–3422. https://doi.org/10.1007/s00500-017-3000-1
Zhang J, Wang B, Wang XA, Wang H, Xiao S (2020) New group user based privacy preserving cloud auditing protocol. Future Gener Comput Syst 106:585–594. https://doi.org/10.1016/j.future.2020.01.029
Zhu Y, Ahn GJ, Hu H, Yau SS, An HG, Hu CJ (2013) Dynamic audit services for outsourced storages in clouds. IEEE Trans Serv Comput 6(2):227–238. https://doi.org/10.1109/TSC.2011.51
This research work was financially support by Science and Engineering Research Board (SERB), Department of Science and Technology, Government of India (Grant number: ECR/2016/000546).
This research work was financially supported by Science and Engineering Research Board (SERB), Department of Science and Technology, Government of India under the research Grant number ECR/2016/000546.
Conflict of interest
The author(s) has no conflict of Interest.
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
About this article
Cite this article
Yoosuf, M.S., Anitha, R. LDuAP: lightweight dual auditing protocol to verify data integrity in cloud storage servers. J Ambient Intell Human Comput (2021). https://doi.org/10.1007/s12652-021-03321-7
- Integrity verification
- Dual auditing
- Cramer-Shoup cryptosystem
- Cloud security
- Third party auditor